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3006 — > R (ENTERED) 

- KStep 3: C enters user (host) name, user (host ID) and server password on C side *W 
5 3007 * 




-► (Step 4: User (or host) name hashed and encrypted with SRKi is sent to S 
S,R 3008 



> 



/Step 5: If user (or host) is validated, S sends to C DRK1 encrypted with SRKi; 
decrypts DRK1 with SRKi and sends to S encrypted with DRK1 hashed DRK1 
30093? 



/Step 6. If received DRK1 is correct, S sends to C DRK2 encrypted with DRK1; 



decrypts DRK2 with DRK1, and sends to S encrypted with DRK2 hashed DRK2 



3010 



> 

R.S 



R,S 



S,R 



> 



_^Step j: If received DRKj-1 is correct, S sends to C DRKj encrypted with DRK(j-1); 



R,S 



< 



decrypts DRKj with DRK(j-1 ) and sends to S encrypted with DRKj hashed DRK j 
S,R 3 012^ r, S 



> 



S,R 3013^ r S 

{Step n: If received from C DRKn-1 is correct, S sends to C DRKn encrypted with the^\ 
hashed user password as a key; C decrypts DRKn with the user password, stored at 
C in step 3, and converted to its hash equivalent; then C sends to S hashed DRKn 
encrypted with the user password, stored at C in step 3, and converted to its hash 
V ^quivalent, 



S,R 3014-^ r ) s 

/Step n+1: If hashed DRKn received in step 3014, and decrypted with hashed user ^ 
password is correct, S sends to C DRKn encrypted with hashed server password as 
a key; C decrypts DRKn with the server password, stored at C in step 3, and 
converted to its hash equivalent; if hashed DRKn is the same as DRKn from step 

V 30H then C sends to S hashed DRKn encrypted with the hashed server password. . 

S 3015^ p 

Step n+2: If received from C DRKn is correct/wrong, then authentication signal go/no 
encrypted with DRKn-1, is sent to C; C decrypts the go/no signal with DRKn-1, stored 
at C in step 3013. This completes C/S mutual authentication and the Final Secret Key 
(FSK) exchange according to the KEDIA algorithm. 
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SENT(S) 



< 



RECEIVED(R) 



tep 6: If received DRK1 is correct, S sends to C DRK2 encrypted with DRK1 ; C 
ecrypts DRK2 with DRK1, and sends to S encrypted with DRK 2 hashed DRK2 



S, R 



3010 



T 



-►jse 



tep 6: If received DRK1 is correct, S 
sends to C DRK2 encrypted with 
RK1 



4001 



DRK 2 supplied by Server DRK 
Generator 2005 (FIG. 2) 



4003 



Server supplies the assumed user 
password to enable bytes, bits, or 
bytes & bits veiling in DRK2 



4005 



I 



ByteVU, BitVU, or BBVU is applied to 
veil either bytes, or bits, or bytes & 
bits of DRK2 



4007 



T 



Conversion array, encrypted with 
DRK1 (block-cipher encryption 
algorithm), is sent to client 



4009 



T 



R S 

with DRK1,and' 



C decrypts DRK 
sends to S encryted with DRK2 
hashed DRK2 



3E 



y 



4002 



Conversion array is decrypted with 

DRK1 (block-cipher encryption/ 
decryption algorithm) 



4004 



Client supplies the user password 
triggering bytes, or bits, or bytes & bits 
reassembling in the conversion array 



I 



4006 



ByteVU, BitVU, or BBVU is 
reassembling the coversion array, 
decrypted before with DRK 1 



4008 



DRK 2 is reconstructed to its original 
form, and C sends to S hashed DRK2, 
treated with either ByteVU, BitVU, or 
BBVU; the final conversion array is 
encrypted with DRK 2 
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SERVER DATABASE 
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5001 



DRKi - 1 6 bytes 
| xhl | xh2 j xh3 | xh4 1 xh5 | xh6 | xh7 | ... | xhl4 1 xhl5 | xhl6 | 



5002-^ 



SERVER SEQUENTIAL RANDOM 
NUMBER GENERATOR (SRNG) 
WITH USER PASSWORD AS A 
SEED (SERVER SIDE) 



■n 



5007 



5008 



5009 



5010 



5004 
5006 
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5003 



CLIEN T SEQUEN TIAL RANDOM 
NUMBER GENERATOR (SRNG) 
WITH USER PASSWORD AS A 
SEED (CLIENT SIDE) 



T 
i 



5005 



V 



I s ' BBVU conversion array section; length - 10 bytes 
|r1,1 |r!2|rl,31 xhl | rl,5 | r1,6 | rl ,7 | rl,8 | rl,9 | rl.10 | 



o 



2 nd BBVU conversion array section; length - 10 bytes 



© 



| r2,l | r2,2 | r2,3 | r2,4 j r2,5 [ r2,6 1 r2,7 | r2,8 | xh2 | r2,10 1 



5012 



I5 lh BBVU conversion array section; length - 1 0 bytes ^7) 
rl5,l | xh!5 | rl5,3 | rl5,4 ] ... | r!5,7 | r!5,8 | rl5,9 | r!5,10 1 



16 th BBVU conversion array section; length - 10 bytes 



0 



| r!61 | r!6,2 | r16,3 | ... | r!6,6 [ xh!6 [ r!6,8 | r!6,9 | r!6,IO | 



5011 
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6001 



DRKi - 128 bits 

| yhl | yh2 | yh3 | yh4 1 yh5 | yh6 | yh7 | ... 
i 



Iyhl26|yhl27|yhl28| 
4 



6002 



XI 



SERVER SEQUENTIAL RANDOM 
NUMBER GENERATOR (SRNG) 
WITH USER PASSWORD AS A 
SEED (SERVER SIDE) 



6004 
6006 



6007 



6008 



6009 
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r 



6003 



CLIENT SEQUENTIAL RANDOM 
NUMBER GENERATOR (SRNG) 
WITH USER PASSWORD AS A 
SEED (CLIENT SIDE) 



6005 



V 



I st BBVU conversion array section; length - 128 bits 



- o 

|rUJ r1,2 [rUJ yhl 1 r!,5 \...\ r1,126 1 rl,127 | rl,128 | 



2 nd BBVU conversion array section; length - 128 bits 



0 

| r2,l | r2,2 | r2 ; 3 | r2,4 1 r2,5 | ... | r2,126 1 yh2 | r2,128 | 



6012 



1 27 th BBVU conversion array section; length - 1 28 bits 
| r!27,l j rl27,2 | r!27,3 | yhl27 |rl27,5 |...| rl27J27 | r!27J28 | 



128 th BBVU conversion array section; length - 128 bits 



r!28,l I yhl 28 I r!28,3 |...[ r!28,126 [ r!28,l27 | r 128, 128 | 



0 



6010 



6011 
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7001 



DRKi - 16 

|xh1 | xh2 | xh3 | xh4 1 xh5 | xh6 



I L. 



bytes 

|xh7|...| xhl4|xh!5|xhl6| 



7002 



2 



± 



SERVER SEQUENTIAL RANDOM 
NUMBER GENERATOR (SRNG) 
WITH USER'S PASSWORD 
AS A SEED 



SERVER SEQUENTIAL DIRECT 
BJT POSITION SCRAMBLER 
(SDBPS) FOR EACH 
VEILED DRKi BYTE 




+ 



7003 



CLIENT SEQUENTIAL REVERSE 
BIT POSITION SCRAMBLER 
(SRBPS) FOR EACH 
VEILED DRKi BYTE 



CLIENT SEQUENTIAL RANDOM 
NUMBER GENERATOR (SRNG) 
WITH USER'S PASSWORD 
AS A SEED 



r 



7008 



7009 



7010 



7011 



7012 



, 1 st BBVU conversion array section; length - 10 bytes 

-------- ---1 |.—— — ---— — - 

| rl,l | r!2 | rl,3 | xh'l j rl,5 | r1,6 j rl,7 [ r1,8 | rl,9 | r1,10 1 



o 



DRKi first xhl byte in binary bit representation: 
| xhl,8 | xhl ,7 | xhl ,6 | xhl,5 | xhl ,4 | xhU | xhl,2 | xhl J | 
(for instance, 0101 1101) 



Server's SRNG generates random sequence of 16 numbers from 1 to 10 
(due to ten positions in one BBVU conversion array section), and then the 
server's SBPS scrambles all bit positions in the veiled byte, 



For instance, the 1 st number generated by SRNG is 4 (DRKi 1 st byte position 
in the l 5t BBVU conversion array section above), then SBPS generates for 
each bit inside the DRKi 1 st byte new positions 3, 1, 8, 5, 4, 2, 7, 6 



New positions for each bit from 1 st to 8 th of xhl byte inside I st BBVU 
conversion array section are 1 101 1 100 for the example above. 
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9003 



9004 



9007 




m 



9001 user name: 
user password: 

9002 

^) server password: 
system message: 



(johnjortes 
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9014 



server password 
correct 



is not 



9014 ^9008 



OPERATION 
MODE 






LAN 




Server 
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